Collection of rules for Static Application Security Testing (SAST) with Semgrep
☆12Apr 16, 2025Updated 10 months ago
Alternatives and similar repositories for semgrep-rules
Users that are interested in semgrep-rules are comparing it to the libraries listed below
Sorting:
- Exploit scripts☆12Apr 10, 2022Updated 3 years ago
- Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.☆13Aug 4, 2025Updated 6 months ago
- A collection of permissively licensed Semgrep rules.☆22Jul 5, 2024Updated last year
- A collection of js analysis tools & scripts.☆19Updated this week
- My collection of Semgrep rules for vulnerability detection on source code (swift, java, cobol)☆42Dec 3, 2025Updated 2 months ago
- ☆25May 21, 2025Updated 9 months ago
- This includes all the templates of nuclei collected from different sources☆18Dec 30, 2022Updated 3 years ago
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment☆45Jun 3, 2024Updated last year
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆43Dec 16, 2024Updated last year
- Some of the gf patterns which i use☆44Jan 19, 2022Updated 4 years ago
- Reestructured LemonBooster.☆47Jul 26, 2024Updated last year
- My custom semgrep rules☆23Sep 13, 2020Updated 5 years ago
- ☆18Apr 26, 2021Updated 4 years ago
- ☆22Apr 30, 2023Updated 2 years ago
- Collection of Some Good research Documentation☆27Dec 10, 2017Updated 8 years ago
- An intentionally-vulnerable application for demonstrating the hazards of SpEL expression composition☆28Apr 17, 2018Updated 7 years ago
- A collection of scripts for bug-bounty related stuff☆39Sep 4, 2020Updated 5 years ago
- Vuldroid is a Vulnerable Android Application made with security issues in order to demonstrate how they can occur in code☆66Sep 18, 2021Updated 4 years ago
- A bash script that automates the scanning of a target network for HTTP resources through XXE☆37Dec 2, 2020Updated 5 years ago
- ☆34Feb 15, 2021Updated 5 years ago
- The project aims at creating target-specific wordlists for any web application that you are testing.☆66May 28, 2022Updated 3 years ago
- Track HackerOne reports and leaderboard changes on programs through a Discord webhook☆34Jan 31, 2025Updated last year
- My Notes on Regular Expressions for AWAE/OSWE.☆37Sep 5, 2023Updated 2 years ago
- Prototype Pollution exploits collection☆37Aug 8, 2021Updated 4 years ago
- ☆15Mar 21, 2025Updated 11 months ago
- A magnet u-joint arms and effector for the Rostock delta 3d printer.☆20May 31, 2013Updated 12 years ago
- c4mund0n60 is a tool that use output of known tools for generate smart information about a domain☆11Sep 20, 2023Updated 2 years ago
- At this repo you can find any tools, tricks or templates for general penetration testing assesment☆15Apr 27, 2024Updated last year
- OWASP Foundation Web Respository☆36Sep 1, 2021Updated 4 years ago
- SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.☆38Mar 7, 2021Updated 4 years ago
- A collection of my Semgrep rules☆51Jul 4, 2023Updated 2 years ago
- Stuff for bug bounty☆35Feb 1, 2023Updated 3 years ago
- The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.☆11Apr 6, 2020Updated 5 years ago
- Send notifications on different channels such as Slack, Telegram, Discord etc.☆39Jan 12, 2026Updated last month
- The Ultimate Recon Framework☆11Mar 29, 2024Updated last year
- A Collection of Proof of Concepts for non-published Web Exploits and Common CVEs☆10Nov 29, 2020Updated 5 years ago
- Walkie Talkie with Arduino Nano and nRF24L01☆10Sep 16, 2022Updated 3 years ago
- ☆10Feb 8, 2024Updated 2 years ago
- Exploiting: CVE-2021-41349☆11Jan 6, 2022Updated 4 years ago